CentOS 7 Iptables Help

Issues related to configuring your network
sbuchanan0613
Posts: 9
Joined: 2018/04/25 20:48:02

CentOS 7 Iptables Help

Post by sbuchanan0613 » 2018/09/25 17:15:22

Good Morning,

I am running the latest CentOS 7 release with an external and internal NIC and have an idea in my head for routing traffic. Within iptables I can specify --owner --gid-owner <gid> to match specific inbound traffic. What I want to do is match this "gid" traffic and DNAT this (ssh) traffic to a machine that is sitting behind this CentOS firewall/router. However, my gotcha is that if the gid doesn't match, I want to route this other traffic to port 22 on the localhost. In my setup, I can't just set up a NAT rule with an obsolete port. Basically, from the outside, typical ports can be open whereas non-typical ones cannot. If anyone has any ideas of how to accomplish this, please let me know.

Best Regards,
Steve

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CentOS 7 Iptables Help

Post by TrevorH » 2018/09/25 18:51:13

I'm pretty sure that uid matching in iptables only works for outbound packets, not for inbound.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
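
Added example, not part of either post above: iptables-extensions(8) documents the owner match as applying to locally generated packets and valid only in the OUTPUT and POSTROUTING chains, so this sketch scans an iptables-save style ruleset for owner matches placed in inbound or forwarding chains. The sample ruleset, gid 1001, interface eth0 and address 192.0.2.10 are constructed for illustration; rules in user-defined chains are not traced back to their callers.

```python
import shlex

# Per iptables-extensions(8): owner is only valid in OUTPUT and POSTROUTING.
OWNER_VALID_CHAINS = {"OUTPUT", "POSTROUTING"}
BUILTIN_CHAINS = {"PREROUTING", "INPUT", "FORWARD", "OUTPUT", "POSTROUTING"}


def find_misplaced_owner_rules(ruleset):
    """Return (line_no, table, chain, rule) for owner matches in built-in
    chains where no socket owner is associated with the packet."""
    findings = []
    table = None
    for line_no, raw in enumerate(ruleset.splitlines(), start=1):
        line = raw.strip()
        if line.startswith("*"):          # table header, e.g. "*nat"
            table = line[1:]
            continue
        if not line.startswith(("-A ", "-I ")):
            continue                      # chain policies, COMMIT, comments
        tokens = shlex.split(line)
        chain = tokens[1]
        uses_owner = any(
            tokens[i] in ("-m", "--match") and tokens[i + 1] == "owner"
            for i in range(len(tokens) - 1)
        )
        if uses_owner and chain in BUILTIN_CHAINS and chain not in OWNER_VALID_CHAINS:
            findings.append((line_no, table, chain, line))
    return findings


# Constructed sample: the PREROUTING rule mirrors the idea in the question.
SAMPLE_RULESET = """\
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 22 -m owner --gid-owner 1001 -j DNAT --to-destination 192.0.2.10:22
-A OUTPUT -p tcp --dport 22 -m owner --gid-owner 1001 -j DNAT --to-destination 192.0.2.10:22
COMMIT
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 22 -m owner --uid-owner 0 -j ACCEPT
-A OUTPUT -m owner --gid-owner 1001 -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for line_no, table, chain, rule in find_misplaced_owner_rules(SAMPLE_RULESET):
        print(f"line {line_no}: owner match in {table}/{chain}: {rule}")
```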
